Thread: Network security, passwords and keys
View Single Post
  #12 (permalink)  
Old December 25th 15, 06:24 AM posted to alt.comp.networking.connectivity,microsoft.public.windows.vista.general,alt.windows7.general
Paul[_2_]
external usenet poster
  
Posts: 47
Default Network security, passwords and keys
rickman wrote:
On 12/25/2015 12:36 AM, Micky wrote:
All this time I've been thinking that if WEP or WPA-PSK enabled and a
proper key, I have adequate router security.

But in a moment of possible enlightenment, it occurred to me that if
an interloper can log into my router, he can change the key so that
iiuc I won't be able to use the net. That's bad, right?

And if I haven't set a router password, he can set one, and then I
would have run around in circles for an hour not understanding why I
couldn't call up my router page. (Even now it will take me a half
hour to figure out I have to push the reset button on the router,
right? And then I have to get my two wireless things connected
again. More wasted time.)

So do you all have a password for logging into your router?

With a new router, the router password has to be set first, I think,
or an aggressive interloper will change the encryption key. Does
this happen?

I'm pretty sure the access to the user page in the router is only
available on the LAN side unless you turn on access from the WAN side. No?


Sadly, no.

I ran into an individual, who was working with a brand new router,
and that one had access from the WAN side.

It turned out, the hardware company that made the router, were using
the *sample* firmware from the chipset maker. And the hardware company
had not added one ounce of extra code to the thing, tightened up the
configuration, or a damn thing. It was like a piece of crap they
had just got working on their lab bench.

The end result, is there are some hilariously in-secure products
out there. Just waiting for 12 year old script kiddies to find.

I don't think you will find name-brand equipment that badly
configured, but there can still be problems with the name-brand
stuff. One problem, for example, was related to the fact that
a large number of products were using a third-party firmware,
so the manufacturer didn't have to write/edit each design,
and they were using that firmware as their product firmware.
And once an exploit is uncovered for a "common" firmware
like that, it means a whole bunch of different brands/models can
be tipped over at the same time. The ideal situation would
be if all the firmwares were unique, with a unique bug in each
one, so only one model number would tip over at a time :-)

Paul